Hi to everyone,
I really tried to find the solution to my own issue: in this forum, testing, googling, etc. But nothing... I have to quest you!
For testing purposes of rainbow tables (I am curious person
) I generated a user on an Windows XP trying to break NT hash (not the LM one). The password is obviously known, then I downloaded a rainbow table set that can cover that charset and length (ntlm), specifically these directories from the GARR:
(If I remember correctly, the password hidden by the hash is perrete11
, that, as you can see, is covered by the downloaded rainbows).
I launched samdump2 for linux to extract the corresponding NT hash.
root@localhost:~# samdump2 /mnt/C/WINDOWS/system32/config/SYSTEM /mnt/C/WINDOWS/system32/config/SAM
I'm then picking the second hash appearing there.
Then I launched:
rcracki_mt -h fa6ad7ba82fb8937ff730ced95b00994 -s rcracki_TEST2 ntlm_hybrid2\(loweralpha#7-7\,numeric#1-3\)#0-0_?/*.rti2
After all the process and going through all the tables, no result is found! I've also tried with another password with anothers rainbow tables (ntlm_loweralpha-numeric#1-10) and the result is the same!!!
All the tables were passed through the md5sum check!
Or I am very unlucky or I'm doing something wrong... xD
What is happening?
Thanks in advance to you all.